Hi Ulf, Ulf Zibis wrote: > Hi Eric and André, > > this sounds sounds interesting. > > Currently NTFS-3G allways adds an ACE with full access for World SID, if no > other permissions apply.
When an ACL is bad (or when the validity check is too strict, as in the case found by Eric), ntfs-3g is made to behave like the file would be owned by root with no permissions at all. This way, root (and only root) can fix the ACL by setting the correct owner and permissions, otherwise, the file would appear as locked up, even from root. This is a virtual ACL, not present on disk. > Is this because of a ACE count >= 1 ? > I more would like, there would be added zero ACE if no inheritance is > possible. Otherwise there > would be a security problem when later accessed from Windows, see: > https://bugs.launchpad.net/ubuntu/+source/ntfs-3g/+bug/1249674 There cannot be any such problem for Windows, as the virtual ACL is not present on disk, it is just a memory structure used be ntfs-3g. Jean-Pierre > > Would this be possible with this change? > > Thanks, > > Ulf > > > Am 13.07.2015 um 02:30 schrieb Eric Biggers: >> ntfs_valid_sid() required that the subauthority count be between 1 and 8 >> inclusively. However, Windows permits more than 8 subauthorities as well >> as 0 subauthorities: >> >> - The install.wim file for the latest Windows 10 build contains a file >> whose DACL contains a SID with 10 subauthorities. >> ntfs_set_ntfs_acl() was failing on this file. >> >> - The IsValidSid() function on Windows returns true for subauthority >> less than or equal to 15, including 0. > > > ------------------------------------------------------------------------------ > Don't Limit Your Business. Reach for the Cloud. > GigeNET's Cloud Solutions provide you with the tools and support that > you need to offload your IT needs and focus on growing your business. > Configured For All Businesses. Start Your Cloud Today. > https://www.gigenetcloud.com/ > _______________________________________________ > ntfs-3g-devel mailing list > ntfs-3g-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/ntfs-3g-devel > ------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ _______________________________________________ ntfs-3g-devel mailing list ntfs-3g-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ntfs-3g-devel
